News Bytes

Contents:

Please submit your News Bytes items in
plain text; other formats may be rejected without reading.
[You have been warned!] A one- or two-paragraph summary plus a URL has a
much higher chance of being published than an entire press release. Submit
items to bytes@linuxgazette.net. Deividson can also be reached via twitter.

News in General

Debian Kernel Vulnerabilities Being Patched

Several long term kernel security vulnerabilities affecting Debian
distros, including Ubuntu, are being addressed after receiving several
CVE citations. The vulnerabilities are in the more recent Debian
distros, including Lenny, Etch, and Squeeze. They also cover the
following Ubuntu releases:

Ubuntu 6.06 LTS;

Ubuntu 8.04 LTS;

Ubuntu 8.10;

Ubuntu 9.04;

Ubuntu 9.10.

The vulnerabilities involve Denial of Service attacks and, in at least
one case, privilege escalation. One CVE involves an attacker
accessing a VM guest doing a DOS attack on the host machine. The CVE
numbers involved are: CVE-2010-0307, CVE-2010-0309, CVE-2010-0410,
CVE-2010-0415, CVE-2010-0622 and CVE-2010-0623.

CVE is a list of information security vulnerabilities and exposures
that aims to provide common names for publicly known problems. The
goal of CVE is to make it easier to share data across separate
vulnerability capabilities (tools, repositories, and services) with
this "common enumeration".

Metrics Reveal "Most Powerful Voices in Open Source"

In March, MindTouch, an open source alternative to Microsoft
SharePoint, announced the publication of the "Most Powerful Voices in
Open Source" (MPV) ranking. The list presents the top 50 most vocal,
followed, and repeated/re-posted open source commentators, representing
several spheres of influence, including media, vendors, OSS projects,
standards bodies, community management, and more.

Created by MindTouch, the MPV ranking draws from the wide array of
metrics available through Web and Enterprise 2.0 channels, including
Twitter, Google News alerts, unique online visitor counts and analysis
of the related "buzz" of vendor/project affiliations. This compilation
was created using the MindTouch platform, federating these data
sources, applying varied weighting, and processing it for delivery of
the ranking. The list, which includes members worldwide from
organizations such as Ars Technica, Canonical, Google, and
SpringSource, is available in its entirety here:
http://www.mindtouch.com/blog.

The top 5 MPVs are:

Tim O'Reilly, founder and CEO of O'Reilly Media;

Linus Torvalds, founder of Linux, open source advocate;

Chris Messina, open Web advocate, Google;

Miguel de Icaza, founder, Mono and Gnome projects;

Jonathan Schwartz, former CEO of Sun Microsystems.

"It's about time someone has put together a metrics-based ranking of
open source influencers," said Larry Augustin, CEO of SugarCRM.
"Community advocacy is the major thrust of the spirit of open source,
and communities have leaders. This list does a great job of
identifying those leading voices."

"You'll see that this ranking is no popularity contest, there are a
number of surprises outside of the 'usual suspects' often seen on this
type of list," said Aaron Fulkerson, CEO of MindTouch. "This is
because we let the numbers do the talking, instead of an
emotions-based market perception that too frequently comes into play."

MindTouch is a leading provider of enterprise collaboration solutions
in a market where more companies are operating under "lite" IT
budgets. The purpose of MindTouch is to provide wiki-like ease of
collaboration between humans and machines. For more information,
please visit http://www.mindtouch.com/.

Linux Foundation to Host MeeGo Project

The Linux Foundation will be hosting the MeeGo project, an open source
software platform for mobile computing devices. MeeGo combines Intel's
Moblin and Nokia's Maemo projects into one common Linux-based platform.

MeeGo, announced in February by Intel and Nokia, will be deployed
across many computing device types - including mobile computers, media
phones, connected TVs, and in-vehicle infotainment systems. MeeGo is
designed from the ground up for a new class of interactive computing
devices.

MeeGo will be hosted by the Linux Foundation as an open source project
in line with the best practices of the open source development model.
MeeGo is working with existing upstream projects such as the Linux
kernel, ofono, connman, X.org, D-BUS, tracker, GStreamer, Pulseaudio,
and others. The companies and projects associated with MeeGo will
continue to support those upstream projects.

As an open source software platform, MeeGo will help to reduce market
fragmentation and complexity. Along with MeeGo, the Linux Foundation
is working with companies and projects to optimize best practices for
Linux-based development and lower costs for companies using
Linux-based mobile operating systems. More information can be found at
http://www.linuxfoundation.org/embedded/.

MeeGo and other Linux embedded issues will be discussed at the
upcoming Linux Foundation Collaboration Summit in San Francisco. More
information on the meeting can be found at
http://events.linuxfoundation.org/.

The Linux Foundation's MeeGo project welcomes contributors and
encourages developers and others to get involved at the site or find
out more about joining the Linux Foundation at
http://www.linuxfoundation.org/meego/. Moblin and Maemo contributors
are encouraged to participate at http://www.meego.com/.

Linux Foundation Launches Free Training Webinars for Linux Pros

Starting in March, the Linux Foundation has been offering free Linux
Training webinars taught by well-known Linux developers. This is an
opportunity to learn directly from key developers and to sample some
of the courses offered through their Linux training program.

Here's a list of upcoming training webinars:

"How to Work with the Linux Community" by LWN.net editor and kernel
developer Jon Corbet;

"Introduction to Embedded Linux" by author Jerry Cooperstein;

"An Introduction to Git" by kernel maintainer and TAB chair James
Bottomley;

"Linux System Troubleshooting and Tuning" and "Linux Administration
101" by Linux author and community manager Joe "Zonker" Brockmeier;

"Btrfs: An Intro and Update" to the new file system by project lead
Chris Mason;

"Linux Performance Tuning" by kernel developer Ted Ts'o.

The Linux Foundation is also adding sessions for those interested in
embedded Linux development. This is from Amanda McPherson's Linux
Foundation blog:

"...we announced a free webinar series to help connect developers to
the experts they need to advance their careers. Based on the demand
we're seeing in light of these recent announcements, we are announcing
a new free training webinar on embedded Linux. In this free webinar,
you will receive the basics of embedded Linux development and get an
overview of best practices. This is a fantastic opportunity to learn
about a very hot area in technology."

IBM Launches Development & Test Cloud Utilizing Red Hat Technology

IBM has selected Red Hat Enterprise Virtualization as a platform in
its new cloud computing service for development and test. This
means that the Red Hat Enterprise KVM Hypervisor Technology is a
major part of the IBM Cloud.

"Our decade-long partnership with Red Hat has always been focused on
customer value and innovation. Today, we are extending this
partnership to include cloud computing..." said Maria Azua, vice
president of Cloud Computing Enablement at IBM. "Red Hat Enterprise
Virtualization is an optimal hypervisor technology for the
infrastructure offerings on the IBM cloud."

Red Hat first announced plans to deliver Red Hat Enterprise
Virtualization in February 2009. In November 2009, Red Hat Enterprise
Virtualization for Servers was released, providing its customers with
a cost-effective choice in the virtualization market. Red Hat
Enterprise Virtualization offers very recent technology for the
deployment of open cloud computing infrastructures.

Scott Crenshaw, vice president and general manager, Cloud Business
Unit at Red Hat said, "Together, Red Hat and IBM aim to break down
barriers to virtualization and cloud adoption by providing customers
with a stable and robust environment to meet their enterprise
applications requirements. We believe that combining Red Hat
Enterprise Virtualization software with IBM's server, storage and
network hardware, plus IBM's well-known enterprise support and
services, as the foundational components of IBM's cloud infrastructure
offers a compelling application environment for customers".

At NSDI '10, meet with leading researchers to explore the design
principles of large-scale networked and distributed systems. This
year's 3-day technical program includes 29 technical papers with
topics including cloud services, Web browsers and servers, datacenter
and wireless networks, malware, and more. NSDI '10 will also feature a
poster session showcasing early research in progress. Don't miss this
unique opportunity to meet with premier researchers in the computer
networking, distributed systems, and operating systems communities.

The Southeast LinuxFest is a community event for anyone who wants to
learn more about Linux and Free & Open Source software. It is part
educational conference, and part social gathering. Like Linux itself,
it is shared with attendees of all skill levels to communicate tips and
ideas, and to benefit all who use Linux/Free and Open Source Software.
The Southeast LinuxFest is the place to learn, to make new friends, to
network with new business partners, and most importantly, to have fun!

openSUSE 11.3 Milestone 4 Release

The fourth of seven scheduled milestone releases for 11.3 was completed
and released on schedule. Milestone 4 focuses on switching to upstart as
init daemon.

Here are some updates in the new release:

OpenOffice.Org has been updated to 3.2.1 Beta1 with new features;

NetworkManager has been updated to version 0.8;

The conntrack-network filtering system has been added. These
are userspace tools that allow system administrators interact with the
Connection Tracking System, which is the module that provides stateful
packet inspection for iptables;

The Mono stack has been updated to release 2.6.3 together with
monoDevelop 2.2.2;

The Moblin team has started with the integration of the Moblin
UI into the distribution and plan to have everything ready for the
next milestone;

The LiveCDs have virtualbox guest tools. Now features like
screen resizing, seamless mode, and shared clipboards work
automatically after boot-up.

Desktop features include built-in integration with Twitter, identi.ca,
Facebook, and other social networks with the MeMenu in the panel; new
notification area, new themes, new icons, and new wallpaper; Ubuntu
One Music store.

Server features include the Ubuntu Enterprise Cloud installer with
support of alternative installation topologies (and is now powered by
Eucalyptus 1.6.2 codebase); official Ubuntu Server image releases for
UEC and for Amazon's EC2; improvements over Ubuntu 8.04 LTS in safety
and security for the next five years, including AppArmor profiles for
many key services, kernel hardening, and an easy-to-configure
firewall.

Ubuntu Netbook features include optimization to run on Intel atom
based netbooks; a new consumer-friendly interface that allows users to
get on-line and use their favourite applications; plus the same faster
boot times and improved boot experience as Ubuntu desktop.

Kubuntu 10.04 LTS will be the first LTS to feature KDE 4 Platform and
Applications. This release is focused on bug fixing and stability, but
adds features such as touchpad configuration, Firefox KDE integration,
Kubuntu notification improvements, and cross-desktop systray menu
standardisation. Kubuntu features the Plasma Desktop while Kubuntu
Netbook Remix comes out of preview status with the Plasma Netbook
workspace.

Software and Product News

Latest Oracle Lite Synchronizes with Open Source SQLite

With the new version of Oracle Database Lite, mobile users gain
continuous access to enterprise data even in the absence of a network
connection. New in this release of Oracle Database Lite is the ability
to bi-directionally synchronize data between the open source SQLite
database and the Oracle Database.

This release also provides centralized user and device provisioning
and management of SQLite-based mobile applications, allowing
disconnected users to have an experience virtually identical to users
who are connected.

Oracle Database Lite consists of Oracle Database Lite Client, a
small-footprint SQL database that runs on many devices and platforms and
can be bi-directionally synchronized with an Oracle Database server and
Oracle Database Lite Mobile Server, which enables mobile users and devices
to operate in occasionally connected environments, periodically
synchronizing with a back-end database server.

The Oracle Database Lite Mobile Server can also be used to provision
SQLite-based applications, devices on which these applications run,
and users of these applications. User authentication on client devices
can use a Common Access Card.

"Oracle Database Lite's Mobile Server is a great tool for data
synchronization in large scale enterprises," said Zdravko Mandic,
manager Research and Development, Infoart d.o.o. "Our implementation,
which consists of more than 1500 client devices, would have hardly
been possible without it. Oracle Database Lite works silently, in the
background, synchronizing huge amounts of data to our central Oracle
Database and vice versa. This automatic synchronization, combined with
great device management, is essential to keeping such large
deployments healthy and helps enable enterprises to stay up and
running all the time."

Oracle Releases Updated Berkeley DB with Android Support

Oracle has released Oracle Berkeley DB, the small-footprint, open
source embeddable database engine for mission-critical 'edge'
applications. This new version introduces a new SQL API, based on
SQLite, which is familiar to a large developer community and helps
simplify application development.

New features include support for JDBC and ODBC connections to Oracle
Berkeley DB. In addition, Oracle Berkeley DB 11g Release 2 introduces
support for the Android platform, allowing developers to develop and deploy
a wide range of applications on mobile devices.

"Oracle Berkeley DB's new SQLite-compatible SQL API offers powerful
features for its users and the SQLite community at large. The
combination of the two technologies provides developers with
tremendous flexibility in that a single SQL/API can now be used across
a broad spectrum of applications. Oracle has done a fantastic job of
not only integrating the technologies, but also being an exemplary
participant in the open source community by contributing time,
expertise and resources to the SQLite project," said Mike Owens,
author of "The Definitive Guide to SQLite."

Oracle Berkeley DB 11g Release 2 was available for download on March
31, 2010.

Red Hat Extends Its SOA Platform For Cloud Adoption

At EclipseCon in March, Red Hat announced JBoss Enterprise SOA
Platform 5.0, a major update to its JBoss Enterprise Middleware
portfolio. JBoss Enterprise SOA Platform 5.0 is an IDE that integrates
applications, services, transactions, and business process components
into an architecture for automating business and IT processes.

Also expanding Red Hat's middleware portfolio is JBoss Developer
Studio 3.0. This platform now includes support for all of the JBoss
Enterprise Platforms; JBoss Enterprise Application Platform, SOA,
Portal and Data Services platforms. Additionally, the toolset is built
on the latest major release of Eclipse 3.5, and includes new
development capabilities for building SOA services and data
transformation tools for developing enhanced integration services.

To expand the use of cloud-based applications and services, the JBoss
Enterprise SOA Platform integrates applications and services in
cloud and on-premise deployments. Cloud-based IT has the potential to
further increase business process automation.

"Application development within the SOA-equipped enterprise has
evolved significantly over the past two years, demanding a more
eclectic and flexible arsenal of expertise and matching tools," said
Brad Shimmin, Principal Analyst Application Infrastructure at Current
Analysis. "Services and their underlying data must be considered
together, as do cloud and premise deployments, as do rich internet
applications and complex integrated services. JBoss Developer Studio
3.0 melds these disparate concerns using the agility of the Eclipse
3.5 platform and a broad quiver of supported frameworks that includes
RichFaces, Seam, Spring, Struts and GWT."

Deividson Luiz Okopnik

Deividson was born in União da Vitória, PR, Brazil, on
14/04/1984. He became interested in computing when he was still a kid,
and started to code when he was 12 years old. He is a graduate in
Information Systems and is finishing his specialization in Networks and
Web Development. He codes in several languages, including C/C++/C#, PHP,
Visual Basic, Object Pascal and others.

Deividson works in Porto União's Town Hall as a Computer
Technician, and specializes in Web and Desktop system development, and
Database/Network Maintenance.

Howard Dyckoff

Howard Dyckoff is a long term IT professional with primary experience at
Fortune 100 and 200 firms. Before his IT career, he worked for Aviation
Week and Space Technology magazine and before that used to edit SkyCom, a
newsletter for astronomers and rocketeers. He hails from the Republic of
Brooklyn [and Polytechnic Institute] and now, after several trips to
Himalayan mountain tops, resides in the SF Bay Area with a large book
collection and several pet rocks.

Howard maintains the Technology-Events blog at
blogspot.com from which he contributes the Events listing for Linux
Gazette. Visit the blog to preview some of the next month's NewsBytes
Events.